CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24958
https://notcve.org/view.php?id=CVE-2024-24958
28 May 2024 — Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6bdc`. Existen varias vulnerabilidades de escritura fuera de los límites en la funcionalid... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938 • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24957
https://notcve.org/view.php?id=CVE-2024-24957
28 May 2024 — Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6aa4`. Existen varias vulnerabilidades de escritura fuera de los límites en la funcionalid... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938 • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24956
https://notcve.org/view.php?id=CVE-2024-24956
28 May 2024 — Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb6a38`. Existen varias vulnerabilidades de escritura fuera de los límites en la funcionalid... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938 • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24955
https://notcve.org/view.php?id=CVE-2024-24955
28 May 2024 — Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69fc`. Existen varias vulnerabilidades de escritura fuera de los límites en la funcionalid... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938 • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24954
https://notcve.org/view.php?id=CVE-2024-24954
28 May 2024 — Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these vulnerabilities.This CVE tracks the arbitrary null-byte write vulnerability located in firmware 1.2.10.9 of the P3-550E at offset `0xb69c8`. Existen varias vulnerabilidades de escritura fuera de límites en la funcionalidad A... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1938 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24963
https://notcve.org/view.php?id=CVE-2024-24963
28 May 2024 — A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e84` of v1.2.10.9 of the P3-550E firmware. Existe una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1939 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24962
https://notcve.org/view.php?id=CVE-2024-24962
28 May 2024 — A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability.This CVE tracks the stack-based buffer overflow that occurs at offset `0xb6e98` of v1.2.10.9 of the P3-550E firmware. Existe una vulnerabilidad de desbordamiento del búfer basada en pila en la funcionalidad... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1939 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22187
https://notcve.org/view.php?id=CVE-2024-22187
28 May 2024 — A write-what-where vulnerability exists in the Programming Software Connection Remote Memory Diagnostics functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to an arbitrary write. An attacker can send an unauthenticated packet to trigger this vulnerability. Existe una vulnerabilidad de escritura en qué lugar en la funcionalidad de diagnóstico de memoria remota de conexión de software de programación de AutomationDirect P3-550E 1.2.10.9. Un paquete de red especialm... • https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yXV2AY/sa00036 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23315
https://notcve.org/view.php?id=CVE-2024-23315
28 May 2024 — A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory Read functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can send an unauthenticated packet to trigger this vulnerability. Existe una vulnerabilidad de lectura en qué lugar en la funcionalidad de lectura de memoria IMM 01A1 de la conexión del software de programación de AutomationDirect P3-550E 1.2.10.9. Un paquete de ... • https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yZ72AI/sa00037 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21785
https://notcve.org/view.php?id=CVE-2024-21785
28 May 2024 — A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability. Existe una vulnerabilidad de código de depuración sobrante en la funcionalidad de la interfaz de diagnóstico Telnet de AutomationDirect P3-550E 1.2.10.9. Una serie de solicitudes de red especialmente manipuladas pueden provocar... • https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yaj2AA/sa00038 • CWE-489: Active Debug Code •